Bug Bounty - GitBook
Open in Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Show more7 425
Subscribers
-124 hours
+177 days
+16030 days
Posts Archive
7 425
Sometimes IDOR isn't just about changing 123 to 124
Try changing types.
If there’s an endpoint /api/reset_password that takes {"user_id": 123}
Try :
{"user_id": true}
{"user_id": []}
{"user_id": 0}
{"user_id": “123 “}
true might match the first record in the database which might be admin
http://GitBook_s.t.me
7 425
وحشتِ تنهایی از همصحبتِ بد خوشترست
سر به صحرا مینهم چون عاقلی پیدا شود
تخم در هر شورهزاری ریختن بیحاصل است
صبر دارم تا زمین قابلی پیدا شود
گوهر خود را مزن صائب به سنگ ناقصان
باش تا جوهرشناس کاملی پیدا شود
از غزلیات صائب - شماره ۲۶۶۰
7 425
7 425
8Best #firefox addons for #Hacking
-HackBar
-Cookies Manager+
-User-Agent Switcher
-Tamper Data
-FoxyProxy Standard
-Wappalyzer:
-HttpRequester
-RESTClient:
-Tampermonkey
-XSS Me
-SQL Inject Me
-iMacros
-FirePHP
7 425
🔗 Webhooks online
http://GitBook_s.t.me
A selection of useful services for testing HTTP requests
🔗webhook.link
🔗webhook.site
🔗 webhook-test.com
🔗 webhook.cool
🔗webhookrelay
Example:
curl -X POST https://gitbook-s.webhook.cool -H "Content-Type: application/json" -d '{"hello": "world", "is_true": true}'
#webhook #http #web
7 425
🔗 Webhooks online
A selection of useful services for testing HTTP requests
🔗webhook.link
🔗webhook.site
🔗 webhook-test.com
🔗 webhook.cool
🔗webhookrelay
Example:
curl -X POST https://gitbook-s.webhook.cool -H "Content-Type: application/json" -d '{"hello": "world", "is_true": true}'
@GitBook_s
#webhook #http #web
7 425
& DNS resources
More info here
https://blog.detectify.com/industry-insights/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
#WAF
@GitBook_s
7 425
What is bug bounty methodology?
your unique approach to a target(step-by-step process).
GitBook_s
7 425
Hi guys
I have a question
Who knows the difference between brute force and spray ?
Answer in direct
Available now! Telegram Research 2025 — the year's key insights 
